YAAQB: this commit fixes Bug 457 - Can't remove a group or group member in LRR (#53)

Demo video shows that the modification works Co-authored-by: Hui Lan <lanhui@zjnu.edu.cn> Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/53 Co-authored-by: mrlan <mrlan@noreply.121.4.94.30> Co-committed-by: mrlan <mrlan@noreply.121.4.94.30>
2023-01-19 18:22:39 +08:00 · 2023-01-19 18:22:39 +08:00 · a02b3bec4b
parent 3214b26d5d
commit a02b3bec4b
2 changed files with 113 additions and 4 deletions
--- a/Course.php
+++ b/Course.php
@ -529,21 +529,37 @@ course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id W
                $extra3="   <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>"; 
                                
            }
-            echo "<div  class='btn-default'><small> $name ($status)  $extra  $extra2  $extra3</small></div>";
+
+            # Add "delete group" button and allow only group creator to delete it
+            $extra4 = "<button onclick='delete_group($id)' class='btn btn-danger' style='height: 25px; width: 90px; 
+                        line-height: 10px; font-size: 10px'>DELETE GROUP</button>";
+
+            echo "<div  class='btn-default'><small> $name ($status)  $extra  $extra2  $extra3" . 
+            (($status == "Created")? "$extra4": "")
+            ."</small></div>";
                        
            $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, 
                            course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` 
 INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
 where course_group_members_table.Course_Group_id=$id");
-                        
+            
+            #Check whether the current user in session is the creator of the group
+            $rs3 = mysqli_query($con, "SELECT `Status` from course_group_members_table where Student_ID = $student_id");
+            $flag = mysqli_fetch_assoc($rs3)['Status'] == "Created";
+
            while($row = mysqli_fetch_assoc($rs2)) {
                $name=$row['Full_Name'];
                $id=$row['Course_Group_id'];
                $status=$row['Status'];
                $Student_ID=$row['Student_ID'];
                        
-                        
-                echo "<li><small> $name-$Student_ID ($status)</small></li>";
+                #Show group members + remove button next to each member except the creator of the group
+                if($flag){
+                    echo "<li><small> $name-$Student_ID ($status)</small>".(($status != "Created")?"<button onclick='remove_member($Student_ID, $id)' 
+                class='btn btn-danger' style='height: 25px; width: 80px; line-height: 10px;'>remove</button>":"")."</li>";
+                }else{
+                    echo "<li><small> $name-$Student_ID ($status)</small>";
+                } 
                        
            }
                        
@ -688,5 +704,62 @@ function remarking(data)
    window.location.href = data+"&details="+details;
 }
  
+function remove_member(student_id, group_id) {
+    
+    try
+    {
+        
+
+        $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="removemember" value="true">\n\
+ <input type="hidden" name="student_id" value="'+student_id+'" > \n\
+ <input type="hidden" name="group_id" value="'+group_id+'">\n\
+<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
+    modal: true,
+    title:'Remove '+student_id+'?',
+    buttons: {
+        'Confirm': function () {
+            $('#frm').submit();
+	    
+            $(this).dialog('close');
+        },
+        'X': function () {
+	    
+            $(this).dialog('close');
+        }
+	
+    }
+});
+
+    } catch(e){ alert(e); }
+}
+
+function delete_group(id) {
+    
+    try
+    {
+        
+
+        $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="deletegroup" value="true">\n\
+ <input type="hidden" name="group_id" value="'+id+'" > \n\
+<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
+    modal: true,
+    title:'Delete this group?',
+    buttons: {
+        'Confirm': function () {
+            $('#frm').submit();
+	    
+            $(this).dialog('close');
+        },
+        'X': function () {
+	    
+            $(this).dialog('close');
+        }
+	
+    }
+});
+
+    } catch(e){ alert(e); }
+}
+
 </script>
    
--- a/Script.php
+++ b/Script.php
@ -824,6 +824,42 @@ if (!empty($_GET["acceptinvite"])) {
    }
 }

+#Remove a member from group
+
+if (!empty($_GET["removemember"])) {
+
+    $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
+    $group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
+    $url = mysqli_real_escape_string($con, $_GET["url"]);
+
+    $sql = "Delete from  `course_group_members_table`  where  student_id=$student_id and Course_Group_id=$group_id";
+
+    if ($con->query($sql) === TRUE) {
+        $_SESSION["info_ReMarking"] = " Member " . $student_id . " removed from the group";
+        header("Location: Course.php?url=" . $url);
+    } else {
+        echo "Error: " . $sql . "<br>" . $con->error;
+    }
+}
+
+#Delete a whole group
+
+if (!empty($_GET["deletegroup"])) {
+
+    $group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
+    $url = mysqli_real_escape_string($con, $_GET["url"]);
+
+    $sql1 = "Delete from  `course_group_members_table`  where  Course_Group_id=$group_id";
+    $sql2 = "Delete from `course_groups_table` where Course_Group_id=$group_id";
+
+    if ($con->query($sql1) === TRUE && $con->query($sql2) === TRUE) {
+        $_SESSION["info_ReMarking"] = " Group has been deleted successfully. ";
+        header("Location: Course.php?url=" . $url);
+    } else {
+        echo "Error: " . $sql . "<br>" . $con->error;
+    }
+}
+
 #Extend Deadline

 if (!empty($_GET["extenddeadline"])) {